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LISTING OF THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1 . (Previously presented) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining, at the first system that a client does not have a valid session 
credential granted by the first system; 

after the determining, retrieving, at the first system, information from a session 
token held by the client, the information being retrieved from the client, the information 
corresponding to a session credential for the second system, the second system (1) grants 
session credentials based on successful authentication at the second system, and (2) includes a 
protected resource on the second system that is accessible by the client; the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system; 

the first system presenting at least some of the information from the session 
token to the second system; 

the first system inputting a determination from the second system that the client 

has a valid session credential with the second system; 

the first system effecting successful authentication to the client so as to grant 
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access, to the protected resource on the first system, to the client based on the determination 
from the second system that the client has a valid session credential with the second system; 
and 

directing the client to the first system to establish a session credential based on 
successful authentication at the first system, after determining that the client does not have a 
valid session credential granted by the second system. 

2. (Previously presented) A method according to claim 1 , further comprising 
granting a session credential to the client by the first system, after determining that the client 
has a valid session credential granted by the second system. 

3. (Previously presented) A method according to claim 1, further comprising 
sending a session token to the client, the token corresponding to a session credential granted by 
the first system. 

4. (Previously presented) A method according to claim 1, further comprising 
directing the client to the second system to establish a session credential based on successful 
authentication at the second system, after determining that the client does not have a valid 
session credential granted by the second system. 

5. (Canceled). 
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6. (Previously presented) A method according to claim 1, further comprising 
maintaining the client session credential granted by the second system. 

7. (Canceled) 

8. (Original) A method according to claim 1, wherein retrieving information from 
the session token held by the client comprises: 

sending a query to the client from the first system, the query including 
identification as originating from a domain name corresponding to the second system; and 
receiving a response to the query. 

9. (Previously presented) A method for validating session credentials of a client 
comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining, at the first system that a client does not have a valid session 
credential granted by the first system; 

after the determining, retrieving, at the first system, information from a session 
token held by the client, the information being retrieved from the client, the information 
corresponding to a session credential for the second system that grants session credentials based 
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on successful authentication at the second system, and the second system including a protected 
resource that is accessible by the client, the retrieving information from the session token held 
by the client comprises receiving a session token from the client corresponding to the second 
system, and the protected resource on the second system being accessible by the client only 
after successful authentication of the client at the second system; 

presenting at least some of the information from the session token to the second 

system; 

determining whether the client has a valid session credential granted by the 
second system, the determining whether the client has a valid session credential granted by the 
second system is at least partially from presenting information from the session token; 

the first system inputting a determination from the second system that the client 
has a valid session credential with the second system; 

granting a session credential to the client on the first system, after determining 
that the client has a valid session credential granted by the second system; 

sending a session token to the client, the session token corresponding to the 
session credential granted by the first system, the session token allowing the client access to 
protected resources on the first system, so as to provide successful authentication to the client; 
and 

maintaining the client session credential; and 

the first system inputting information from the second system, and in response, 
the first system outputting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system, and 
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the second system effecting successful authentication so as to grant access, to the 
further protected resource on the second system, to the client based on the determination from 
the first system that the client has a valid session credential with the first system. 

10. (Previously presented) Computer executable software code stored on a computer- 
readable medium and transmitted as an information signal, the code for validating credentials, 
the code comprising: 

code to input, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

code to determine, at the first system, that a client does not have a valid session 
credential granted by the first system; 

code to retrieve, after the determining that the client does not have a valid session 
credential granted by the first system, at the first system, information from a session token held 
by the client, the information corresponding to a session credential for the second system that 
grants session credentials based on successful authentication at the second system, the second 
system including a protected resource that is accessible by the client, and the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system; 

code to present at least some of the information from the session token to the 
second system; and 

6 



U.S. PATENT APPLICATION 10/026,403 
Response to Final Office Action Dated April 6, 2009 
Attorney Docket: 72167.000570 

code to input, from the second system to the first system, a determination 
whether the client has a valid session credential granted by the second system; and 

code to effect successful authentication so as to grant access to the protected 
resource on the first system, to the client based on the determination from the second system 
that the client has a valid session credential with the second system; and 

code to direct the client to the first system to establish a session credential based 
on successful authentication at the first system, after determining that the client does not have a 
valid session credential granted by the second system. 

1 1 . (Previously presented) A computer readable medium having computer 
executable code stored thereon, the code for validating credentials, the code comprising: 
code to input, at a first system that grants session credentials based on successful authentication, 
a request from a client to access a protected resource on the first system, the protected resource 
on the first system being accessible by the client only after successful authentication of the 
client at the first system; 

code to determine, at the first system that the client does not have a valid session 
credential granted by the first system; 

code to retrieve from the client, at the first system and after the determining that 
the client does not have a valid session credential granted by the first system, information from 
a session token held by the client, the information corresponding to a possible session credential 
for the second system that grants session credentials based on successful authentication at the 
second system and that has a protected resource that is accessible by the client, the protected 
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resource on the second system being accessible by the client only after successful authentication 
of the client at the second system; 

code to present at least some of the information from the session token to the 
second system; and 

code to input, from the second system to the first system, a determination 
whether the client has a valid session credential granted by the second system; and 

code to effect successful authentication to the client so as to grant access to the 
protected resource on the first system, to the client based on the determination from the second 
system that the client has a valid session credential with the second system. 

12. (Previously presented) A programmed computer for validating credentials, 
comprising: 

a memory having at least one region for storing computer executable program 

code; and 

a processor for executing the program code stored in the memory, wherein the 
program code comprises: 

code to input, at a first system that grants session credentials based on successful authentication, 
a request from a client to access a protected resource on the first system, the protected resource 
on the first system being accessible by the client only after successful authentication of the 
client at the first system; 

code to determine, at the first system that the client does not have a valid session 
credential granted by the first system; 
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code to retrieve, at the first system and after the determining that the client does 
not have a valid session credential granted by the first system, information from a session token 
held by the client, the information corresponding to a session credential for the second system 
that grants session credentials based on successful authentication at the second system, the 
second system including a protected resource that is accessible by the client, the protected 
resource on the second system being accessible by the client only after successful authentication 
of the client at the second system; 

code to present at least some of the information from the session token to the 
second system; and 

code to input, from the second system to the first system, a determination 
whether the client has a valid session credential granted by the second system and 

code to effect successful authentication so as to grant access to the protected 
resource on the first system, to the client based on the determination from the second system 
that the client has a valid session credential with the second system; 

code to direct the client to the first system to establish a session credential based 
on successful authentication at the first system, after determining that the client does not have a 
valid session credential granted by the second system; 

code to input into the first system information from the second system, and in 
response, output from the first system, to the second system, a determination that the first 
system has a valid session credential for the client at the first system, and 

code to effect successful authentication with the second system so as to grant 
access, to the further protected resource on the second system, to the client based on the 
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determination from the first system that the client has a valid session credential with the first 
system. 

13. (Previously presented) A method for establishing session credentials 
comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining at the first system that the client does not have a valid session 
credential granted by a first system; 

determining that the client does not have a valid session credential granted by a 
second system based on successful authentication at the second system; 

sending, from the first system to the client, a log in page; 

receiving, at the first system from the client, log in information; 

sending, from the first system to the second system, the log in information; and 

after the determining at the first system that the client does not have a valid 
session credential granted by a first system, receiving, at the first system from the second 
system, information corresponding to a session credential granted by the second system, the 
session credential granted by the second system based at least in part on the log in information 
and successful authentication at the second system, the second system being one that (1) grants 
session credentials based on successful authentication at the second system, and (2) includes a 
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protected resource on the second system that is accessible by the client, the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system; and 

the first system effecting successful authentication so as to grant access, to a 
protected resource on the first system, to the client based on the determination from the second 
system that the client has a valid session credential with the second system; 

the first system inputting information from the second system, and in response, 
the first system outputting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system, and 

the second system effecting successful authentication so as to grant access, to the 
further protected resource on the second system, to the client based on the determination from 
the first system that the client has a valid session credential with the first system. 

14. (Previously presented) A method according to claim 13, further comprising 
granting a session credential for the first system. 

15. (Previously presented) A method according to claim 13, further comprising 
granting a session credential for the second system. 

16. (Previously presented) A method according to claim 13, further comprising 
associating session credentials for the first system and the second system with the client. 
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17. (Previously presented) A method for establishing session credentials for a client, 
the method comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining that the client does not have a valid session credential granted by the 

first system; 

after the determining, retrieving, at the first system, information from a session 
token held by the client, the information being retrieved from the client, the information 
corresponding to a session credential for the second system 

inputting information at the first system, from the second system, that the client 
does not have a valid session credential granted by the second system, the second system 
including a protected resource, the protected resource on the second system being accessible by 
the client only after successful authentication of the client at the second system; 

sending, from the second system to the client, a log in page; 

receiving, at the second system from the client, log in information; and 

sending, from the second system to the first system, information corresponding 
to a session credential granted by the second system, the session credential granted by the 
second system based at least in part on the log in information and successful authentication at 
the second system; and 

granting a session credential to the client for the first system so as to provide 
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successful authentication, such that the client is granted access to a protected resource on the 
first system; 

the first system inputting information from the second system, and in response, 
the first system outputting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system, and 

the second system effecting successful authentication so as to grant access, to the 
further protected resource on the second system, to the client based on the determination from 
the first system that the client has a valid session credential with the first system. 

18. (Original) A method according to claim 17, further comprising granting a session 
credential for the second system. 

19. (Original) A method according to claim 17, further comprising associating 
session credentials for the first system and the second system with the client. 

20. (Previously presented) A method for validating credentials comprising: 
inputting, at a first system that grants session credentials based on successful 

authentication, a request from a client to access a protected resource on the first system 
determining, at the first system that a client does not have a valid session 

credential granted by the first system; 

redirecting the client to the second system that grants session credentials based 

on successful authentication at the second system, the second system having a protected 
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resource that is accessible by the client; 

sending, from the second system to the first system, session credentials granted 
by the second system; 

sending, from the first system to the second system, the session credentials 
granted by the second system; 

determining, at the second system, that the session credentials granted by the 
second system, and received from the first system, are valid; and 

sending, from the second system to the first system, information indicating that 
the session credentials granted by the second system are valid; and 

inputting, at the second system that grants session credentials based on 
successful authentication, a request from a client to access a protected resource on the second 
system 

determining, at the second system that a client does not have a valid session 
credential granted by the second system; 

after such determining, retrieving, at the second system, information from a 
session token held by the client, the information being retrieved from the client, the information 
corresponding to a session credential for the first system; 

redirecting the client to the first system that grants session credentials based on 
successful authentication at the first system; 

sending, from the first system to the second system, session credentials granted 
by the first system; 

sending, from the second system to the first system, the session credentials 
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granted by the first system; 

determining, at the first system, that the session credentials granted by the first 
system, and received from the second system, are valid; and 

sending, from the first system to the second system, information indicating that 
the session credentials granted by the first system are valid. 

21.-22. (Canceled) 

23. (Previously presented) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource being accessible upon successful authentication of the client at the first 
system; 

determining, at the first system that the client does not have a valid session 
credential granted by the first system, so as to allow the client access to the protected resource 
on the first system; 

after the determining, retrieving, at the first system, information from a session 
token held by the client, the information being retrieved from the client, the information 
corresponding to a session credential for the second system; 

the first system communicating with a second system, the second system having 
a further protected resource on the second system, the further protected resource being 
accessible upon successful authentication of the client at the second system; 
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the first system presenting information to the second system; 

the first system inputting a determination from the second system that the client 
has a valid session credential with the second system; 

the first system effecting successful authentication so as to grant access, to the 
protected resource on the first system, to the client, based on the determination from the second 
system that the client has a valid session credential with the second system; 

the first system inputting information from the second system, and in response, 
the first system outputting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system; and 

the second system effecting successful authentication so as to grant access, to the further 
protected resource on the second system, to the client based on the determination from the first 
system that the client has a valid session credential with the first system. 

24. (Canceled) 

25. (Previously presented) The method of claim 23, wherein the protected resource 
in the first system includes content provided on a pay-per-use basis, and wherein the protected 
resource in the second system includes content provided on a pay-per-use basis. 

26. (Previously presented) The method of claim 23, wherein the protected resource 
in the first system includes content provided on a subscription basis, and wherein the protected 
resource in the second system includes content provided on a subscription basis. 
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27. (Previously Presented) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining, at the first system whether a client have a valid session credential 
granted by the first system; 

retrieving, at the first system, information from a session token held by the client 
if the client does not have a valid session credential granted by the first system, wherein the 
information is retrieved from the client and the information corresponds to a session credential 
for a second system, the second system (1) grants session credentials based on successful 
authentication at the second system, and (2) includes a protected resource on the second system 
that is accessible by the client; the protected resource on the second system being accessible by 
the client only after successful authentication of the client at the second system; 

transmitting, at the first system, at least some of the information from the session 
token to the second system; 

receiving and inputting, at the first system, information associated with a 
determination from the second system whether the client has a valid session credential with the 
second system, wherein the client's session credential with the second system is periodically 
renewed via the first system; 

effecting, at the first system, successful authentication to the client so as to grant 
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access, to the protected resource on the first system, to the client based on the information 
associated with the determination from the second system that the client has a valid session 
credential with the second system; and 

directing the client to the first system to establish a session credential, after the 
determination from the second system that the client does not have a valid session credential 
granted by the second system. 

28. (Previously Presented) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining, at the first system whether a client have a valid session credential 
granted by the first system; 

retrieving, at the first system, information from a first session token held by the 
client if the client does not have a valid session credential granted by the first system, wherein 
the information is retrieved from the client and the information corresponds to a session 
credential for a second system, the second system (1) grants session credentials based on 
successful authentication at the second system, and (2) includes a protected resource on the 
second system that is accessible by the client; the protected resource on the second system 
being accessible by the client only after successful authentication of the client at the second 
system; 
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transmitting, at the first system, at least some of the information from the first 
session token to the second system; 

receiving and inputting, at the first system, information associated with a 
determination from the second system whether the client has a valid session credential with the 
second system, wherein the client's session credential with the second system is periodically 
renewed via the first system; 

effecting, at the first system, successful authentication to the client so as to grant 
access, to the protected resource on the first system, to the client based on the information 
associated with the determination from the second system that the client has a valid session 
credential with the second system; and 

directing the client to the first system to establish a session credential, after the 
determination from the second system that the client does not have a valid session credential 
granted by the second system, wherein the step of directing the client to the first system to 
establish a session credential further comprises: 

receiving, at the first system, a redirect code in response to the 
determination from the second system that the client does not have a valid session credential 
granted by the second system; 

directing the client to a log in page provided by the second system based 

on the redirect code; 

receiving, at the first system from the client, log in information; 
sending, from the first system to the second system, the log in 

information; and 
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receiving, at the client, a second session token if the second system 
determines that the log in information is valid. 

29. (Previously Presented) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining, at the first system whether a client have a valid session credential 
granted by the first system; 

generating a log in page at the first system and present the log in page to the 
client, wherein the log in page corresponds to a second system, the second system (1) grants 
session credentials based on successful authentication at the second system, wherein the session 
credentials of the second system is periodically renewed via the first system, and (2) includes a 
protected resource on the second system that is accessible by the client; the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system;; 

receiving, at the first system from the client, authentication credentials required 
by the log in page; 

transmitting, from the first system to the second system, the authentication 
credentials required by the log in page; and 

generating, at the first system, one or more session tokens for the first system and 
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the second system if the second system determines that the authentication credential required by 
the log in page is valid, wherein the one or more session tokens for the first system and the 
second system grant access, to the protected resource on the first system and to the protected 
resource on the second system. 
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